Commit cdf9de09 authored by Andrzej Puzdrowski's avatar Andrzej Puzdrowski
Browse files

doc/readme-zephyr: document the serial recovery 



Added description on serial recovery mode features and
its configuration.

Signed-off-by: default avatarAndrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Signed-off-by: default avatarAnna Kielar <anna.kielar@nordicsemi.no>
parent 4e9d86aa

docs/readme-zephyr.md

+52 −0
Original line number Diff line number Diff line
@@ -209,3 +209,55 @@ swap-using-scratch is used whereby an application has loaded a firmware update 
and marked it as test/confirmed but MCUboot will not swap the images and

erasing the secondary slot from the zephyr application returns an error

because the slot is marked for upgrade.



## Serial recovery



### Interface selection



A serial recovery protocol is available over either a hardware serial port or a USB CDC ACM virtual serial port.

The SMP server implementation can be enabled by the ``CONFIG_MCUBOOT_SERIAL=y`` Kconfig option.

To set a type of an interface, use the ``BOOT_SERIAL_DEVICE`` Kconfig choice, and select either the ``CONFIG_BOOT_SERIAL_UART`` or the ``CONFIG_BOOT_SERIAL_CDC_ACM`` value.

Which interface belongs to the protocol shall be set by the devicetree-chosen node:

- `zephyr,console` - If a hardware serial port is used.

- `zephyr,cdc-acm-uart` - If a virtual serial port is used.



### Entering the serial recovery mode



To enter the serial recovery mode, the device has to initiate rebooting, and a triggering event has to occur (for example, pressing a button).



By default, the serial recovery GPIO pin active state enters the serial recovery mode.

Use the ``mcuboot_button0`` devicetree button alias to assign the GPIO pin to the MCUboot.



Alternatively, MCUboot can wait for a limited time to check if DFU is invoked by receiving an MCUmgr command.

Select ``CONFIG_BOOT_SERIAL_WAIT_FOR_DFU=y`` to use this mode. ``CONFIG_BOOT_SERIAL_WAIT_FOR_DFU_TIMEOUT`` option defines

the amount of time in milliseconds the device will wait for the trigger.



### Direct image upload



By default, the SMP server implementation will only use the first slot.

To change it, invoke the `image upload` MCUmgr command with a selected image number, and make sure the ``CONFIG_MCUBOOT_SERIAL_DIRECT_IMAGE_UPLOAD=y`` Kconfig option is enabled.

Note that the ``CONFIG_UPDATEABLE_IMAGE_NUMBER`` Kconfig option adjusts the number of image-pairs supported by the MCUboot.



The mapping of image number to partition is as follows:

* 0 and 1 - image-0, the primary slot of the first image.

* 2 - image-1, the secondary slot of the first image.

* 3 - image-2.

* 4 - image-3.



0 is a default upload target when no explicit selection is done.



### System-specific commands



Use the ``CONFIG_ENABLE_MGMT_PERUSER=y`` Kconfig option to enable the following additional commands:

* Storage erase - This command allows erasing the storage partition (enable with ``CONFIG_BOOT_MGMT_CUSTOM_STORAGE_ERASE=y``).

* Custom image list - This command allows fetching version and installation status (custom properties) for all images (enable with ``CONFIG_BOOT_MGMT_CUSTOM_IMG_LIST=y``).



### In-place image decryption



Images uploaded by the serial recovery can be decrypted on the fly by using ECIES primitives described in the [ECIES encryption](encrypted_images.md#ecies-encryption) section.



Enable support for this feature by using ``CONFIG_BOOT_SERIAL_ENCRYPT_EC256=y``.



### More configuration



For details on other available configuration options for the serial recovery protocol, check the Kconfig options  (for example by using ``menuconfig``).

CRA Git | Maintained and supported by SUSTech CRA and CCSE